tls13: srv: Refine early data status
The main purpose is to know from the status
if early data can be received of not and
why.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 3e6b1e6..f478a18 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -1644,6 +1644,26 @@
*/
mbedtls_ssl_protocol_version MBEDTLS_PRIVATE(tls_version);
+#if defined(MBEDTLS_SSL_EARLY_DATA)
+ /**
+ * On client side, status of the negotiation of the use of early data.
+ * See the documentation of mbedtls_ssl_get_early_data_status() for more
+ * information.
+ *
+ * On server side, internal only, status of early data in the course of an
+ * handshake. One of MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN,
+ * #MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED,
+ * #MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED,
+ * MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_RECEIVED and
+ * MBEDTLS_SSL_EARLY_DATA_STATUS_END_OF_EARLY_DATA_RECEIVED.
+ *
+ * Reset to #MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT or
+ * MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN, at the beginning of a new
+ * handshake.
+ */
+ int MBEDTLS_PRIVATE(early_data_status);
+#endif
+
unsigned MBEDTLS_PRIVATE(badmac_seen); /*!< records with a bad MAC received */
#if defined(MBEDTLS_X509_CRT_PARSE_C)
@@ -1841,10 +1861,6 @@
* and #MBEDTLS_SSL_CID_DISABLED. */
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-#if defined(MBEDTLS_SSL_EARLY_DATA)
- int MBEDTLS_PRIVATE(early_data_status);
-#endif
-
/** Callback to export key block and master secret */
mbedtls_ssl_export_keys_t *MBEDTLS_PRIVATE(f_export_keys);
void *MBEDTLS_PRIVATE(p_export_keys); /*!< context for key export callback */
diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index 96afe76..9439408 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -2132,8 +2132,26 @@
size_t *out_len);
#if defined(MBEDTLS_SSL_SRV_C)
-#define MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_RECEIVED \
+/* Additional internal early data status, server side only. */
+/*
+ * The server has not received the ClientHello yet, the status of early data
+ * is thus unknown.
+ */
+#define MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN \
MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT
+
+/*
+ * The server has received the ClientHello, it contained no early data
+ * extension.
+ */
+#define MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_RECEIVED 3
+
+/*
+ * The server has received the early data extension, it has accepted early
+ * data and received the end of early data message from the client marking the
+ * end of early data reception.
+ */
+#define MBEDTLS_SSL_EARLY_DATA_STATUS_END_OF_EARLY_DATA_RECEIVED 4
#endif /* MBEDTLS_SSL_SRV_C */
#endif /* MBEDTLS_SSL_EARLY_DATA */
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 0bc18f1..72db821 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -1098,6 +1098,16 @@
return MBEDTLS_ERR_SSL_ALLOC_FAILED;
}
+#if defined(MBEDTLS_SSL_EARLY_DATA)
+#if defined(MBEDTLS_SSL_SRV_C)
+ MBEDTLS_STATIC_ASSERT(MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN == 0,
+ "MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN not equal to 0");
+#endif
+ MBEDTLS_STATIC_ASSERT(MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT == 0,
+ "MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT not equal to 0");
+ ssl->early_data_status = 0;
+#endif
+
/* Initialize structures */
mbedtls_ssl_session_init(ssl->session_negotiate);
ssl_handshake_params_init(ssl->handshake);
diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c
index 904bb5b..ff501c8 100644
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@@ -3024,6 +3024,9 @@
MBEDTLS_SSL_PROC_CHK(ssl_tls13_parse_end_of_early_data(
ssl, buf, buf + buf_len));
+ ssl->early_data_status =
+ MBEDTLS_SSL_EARLY_DATA_STATUS_END_OF_EARLY_DATA_RECEIVED;
+
MBEDTLS_SSL_DEBUG_MSG(
1, ("Switch to handshake keys for inbound traffic"
"( K_recv = handshake )"));